Malaysian Government formulates national cyber-crisis policy
By Digital News Asia November 28, 2013
- Outlines national strategy for ‘cyber crisis mitigation and response’ through public-private collaboration
- Defines the roles and responsibilities of all Critical National Information Infrastructure (CNII) agencies
THE Malaysian Government has launched a national policy document, National Security Council’s Directive No 24: Policy and Mechanism of the National Cyber Crisis Management, an executive directive that outlines the nation’s strategy for ‘cyber crisis mitigation and response’ through public and private collaboration and coordination.
The policy document was launched on Nov 27 by Deputy Prime Minister Muhyiddin Mohd Yassin at the closing ceremony of the annual National Cyber Crisis Exercise 2013 (X-MAYA 5), organised by the National Security Council (NSC) to address the issue issue of emerging cyber-threats which pose challenges to the economic wellbeing and security of the nation.
This annual event aims to test the effectiveness of the procedures that have been developed under the Malaysian National Cyber Crisis Management Plan and to assess the readiness and preparedness of critical national infrastructure agencies against cyber-attacks, the NSC said in a statement.
X-MAYA 5 2013 saw particpation from 98 public and private agencies across the 10 Critical National Information Infrastructures (CNIIs) – health, water, banking and finance, information and communications, energy, transport, defence and security, government, food and agriculture, and emergency services.
The exercise provides a thorough evaluation of Malaysia’s CNII agencies to strengthen the national emergency response by ensuring that proper procedures and mechanisms are in place for effective monitoring of the CNII, incident reporting and response, communications dissemination and business continuity management, the NSC said.
The National Security Council’s Directive No 24 defines the roles and responsibilities of all CNII agencies, it added.
There are six main principles under this directive: A national cyber crisis management structure; national cyber-threat levels; Computer Emergency Response Team (CERT); cyber security protection mechanisms; response, communication and coordination procedures; and a readiness programme.
CyberSecurity Malaysia provided technical support and infrastructure for X-MAYA 5. “We leveraged our experience in organising ‘cyber drills’ for the Organisation of Islamic Cooperation - Computer Emergency Response Team (OIC-CERT) and the Asia Pacific Computer Emergency Response Team (APCERT), as well as in dealing with cyber-security incidents through our Cyber999 Help Centre and Malware Research Centre," said Dr Amirudin Abdul Wahab (pic), CyberSecurity Malaysia chief executive officer.
Cyber-war: Time for our agencies to step up
The day Malaysia painted a bull’s eye on itself
Singapore announces third cyber-security masterplan
Cyber-attacks greater national threat than physical attacks: Survey